According to my understanding, you are making some issues.
I ever faced similar issue before so please try it with my experience.
config.py**
SESSION_COOKIE_SAMESITE = "None"

SESSION_COOKIE_SECURE = True
app.py****

CORS(app, supports_credentials=True, resources={
    r"/*": {
        "origins": [
            "http://localhost:3000",
            "https://453c-162-199-93-254.ngrok-free.app"
        ]
    }
})

if it is still unauthorized, then please let me know.